[dpdk-dev] [PATCH v2] vfio: Fix overflow while assigning vfio BAR region offset and size
Rahul Lakkireddy
rahul.lakkireddy at chelsio.com
Tue Jun 23 17:00:53 CEST 2015
When using vfio, the probe fails over Chelsio T5 adapters after
commit-id 90a1633b2 (eal/linux: allow to map BARs with MSI-X tables).
While debugging further, found that the BAR region offset and size read from
vfio are u64, but are assigned to uint32_t variables. This results in the u64
value getting truncated to 0 and passing wrong offset and size to mmap for
subsequent BAR regions (i.e. trying to overwrite previously allocated BAR 0
region).
The fix is to use these region offset and size directly rather than assigning
to uint32_t variables.
Fixes: 90a1633b2347 ("eal/linux: allow to map BARs with MSI-X tables")
Signed-off-by: Rahul Lakkireddy <rahul.lakkireddy at chelsio.com>
Signed-off-by: Kumar Sanghvi <kumaras at chelsio.com>
---
v2:
- For fixing 32-bit build failure, rather than converting uint32_t var to uint64_t
as done in v1, taking a different approach instead to revert a part of above
commit-id so as to use the original region offset and size directly.
- Add the commit-id that this patch fixes and update commit log.
lib/librte_eal/linuxapp/eal/eal_pci_vfio.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/lib/librte_eal/linuxapp/eal/eal_pci_vfio.c b/lib/librte_eal/linuxapp/eal/eal_pci_vfio.c
index 426953a..ff974f5 100644
--- a/lib/librte_eal/linuxapp/eal/eal_pci_vfio.c
+++ b/lib/librte_eal/linuxapp/eal/eal_pci_vfio.c
@@ -775,9 +775,6 @@ pci_vfio_map_resource(struct rte_pci_device *dev)
memreg[0].offset, memreg[0].size,
memreg[1].offset, memreg[1].size);
}
- } else {
- memreg[0].offset = reg.offset;
- memreg[0].size = reg.size;
}
/* try to figure out an address */
@@ -815,6 +812,15 @@ pci_vfio_map_resource(struct rte_pci_device *dev)
MAP_FIXED);
}
+ if (!map_addr) {
+ /* Not a BAR containing MSI-X */
+ map_addr = pci_map_resource(bar_addr,
+ vfio_dev_fd,
+ reg.offset,
+ reg.size,
+ MAP_FIXED);
+ }
+
if (map_addr == MAP_FAILED || !map_addr) {
munmap(bar_addr, reg.size);
bar_addr = MAP_FAILED;
--
2.4.1
More information about the dev
mailing list